[ 44.217925][ T1] RBP: 00007ffdae7b7eb0 R08: 00007f53cca68940 R09: 00000000ffffffff
[ 44.225990][ T1] R10: 000056446dd04200 R11: 0000000000000246 R12: 000056446dd04200
[ 44.233964][ T1] R13: 0000000000000000 R14: 0000000000000017 R15: 00007ffdae7b7e20
[ OK ] Started Daily apt download activities.
[ OK ] Started Daily apt upgrade and clean activities.
[ OK ] Reached target Timers.
[ OK ] Started System Logging Service.
[ OK ] Started Permit User Sessions.
[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Started getty on tty2-tty6 if dbus and logind are not available.
[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[ OK ] Started Getty on tty6.
[ OK ] Started Getty on tty5.
[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ 54.015750][ T6727] BUG: using smp_processor_id() in preemptible [00000000] code: systemd-rfkill/6727
[ 54.025414][ T6727] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 54.032564][ T6727] CPU: 1 PID: 6727 Comm: systemd-rfkill Not tainted 5.7.0-syzkaller #0
[ 54.042055][ T6727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 54.052090][ T6727] Call Trace:
[ 54.055368][ T6727] dump_stack+0x18f/0x20d
[ 54.059703][ T6727] check_preemption_disabled+0x20d/0x220
[ 54.065317][ T6727] ext4_mb_new_blocks+0xa4d/0x3b70
[ 54.070419][ T6727] ? ext4_ext_search_right+0x2ca/0xb20
[ 54.075857][ T6727] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 54.081561][ T6727] ext4_ext_map_blocks+0x201b/0x33e0
[ 54.086831][ T6727] ? ext4_ext_release+0x10/0x10
[ 54.091682][ T6727] ? down_write_killable+0x170/0x170
[ 54.096946][ T6727] ? ext4_es_lookup_extent+0x41d/0xd10
[ 54.102395][ T6727] ext4_map_blocks+0x4cb/0x1640
[ 54.107227][ T6727] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 54.112403][ T6727] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 54.117952][ T6727] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 54.123919][ T6727] ? prandom_u32_state+0xe/0x170
[ 54.128857][ T6727] ? __brelse+0x84/0xa0
[ 54.133009][ T6727] ? __ext4_new_inode+0x144/0x55e0
[ 54.138122][ T6727] ext4_getblk+0xad/0x520
[ 54.142451][ T6727] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 54.148288][ T6727] ? ext4_free_inode+0x1700/0x1700
[ 54.153396][ T6727] ext4_bread+0x7c/0x380
[ 54.157732][ T6727] ? ext4_getblk+0x520/0x520
[ 54.162337][ T6727] ? dquot_get_next_dqblk+0x180/0x180
[ 54.167715][ T6727] ext4_append+0x153/0x360
[ 54.172119][ T6727] ext4_mkdir+0x5e0/0xdf0
[ 54.176721][ T6727] ? ext4_rmdir+0xde0/0xde0
[ 54.181227][ T6727] ? security_inode_permission+0xc4/0xf0
[ 54.186849][ T6727] vfs_mkdir+0x419/0x690
[ 54.191100][ T6727] do_mkdirat+0x21e/0x280
[ 54.195575][ T6727] ? __ia32_sys_mknod+0xb0/0xb0
[ 54.200424][ T6727] ? do_syscall_64+0x1c/0xe0
[ 54.205018][ T6727] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 54.211082][ T6727] do_syscall_64+0x60/0xe0
[ 54.215480][ T6727] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 54.221357][ T6727] RIP: 0033:0x7f232de04687
[ 54.225764][ T6727] Code: Bad RIP value.
[ 54.229805][ T6727] RSP: 002b:00007ffcb44a0d38 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 54.238196][ T6727] RAX: ffffffffffffffda RBX: 000055e064020985 RCX: 00007f232de04687
[ 54.246174][ T6727] RDX: 00007ffcb44a0c00 RSI: 00000000000001ed RDI: 000055e064020985
[ 54.254153][ T6727] RBP: 00007f232de04680 R08: 0000000000000100 R09: 0000000000000000
[ 54.262109][ T6727] R10: 000055e064020980 R11: 0000000000000246 R12: 00000000000001ed
[ 54.270074][ T6727] R13: 00007ffcb44a0ec0 R14: 0000000000000000 R15: 0000000000000000
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
syzkaller login:
[ 57.522678][ T263] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u4:6/263
[ 57.531820][ T263] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 57.537831][ T263] CPU: 1 PID: 263 Comm: kworker/u4:6 Not tainted 5.7.0-syzkaller #0
[ 57.545817][ T263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 57.555874][ T263] Workqueue: writeback wb_workfn (flush-8:0)
[ 57.561851][ T263] Call Trace:
[ 57.565131][ T263] dump_stack+0x18f/0x20d
[ 57.569444][ T263] check_preemption_disabled+0x20d/0x220
[ 57.575063][ T263] ext4_mb_new_blocks+0xa4d/0x3b70
[ 57.580153][ T263] ? ext4_find_extent+0x81a/0xad0
[ 57.585170][ T263] ? ext4_ext_search_right+0x2ca/0xb20
[ 57.590631][ T263] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 57.596345][ T263] ext4_ext_map_blocks+0x201b/0x33e0
[ 57.601636][ T263] ? ext4_ext_release+0x10/0x10
[ 57.606480][ T263] ? down_write_killable+0x170/0x170
[ 57.611775][ T263] ? ext4_es_lookup_extent+0x41d/0xd10
[ 57.617218][ T263] ext4_map_blocks+0x4cb/0x1640
[ 57.622065][ T263] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 57.627243][ T263] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 57.632780][ T263] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 57.638744][ T263] ? ext4_alloc_io_end_vec+0x145/0x1c0
[ 57.644266][ T263] ext4_writepages+0x1a7b/0x33c0
[ 57.649212][ T263] ? __ext4_mark_inode_dirty+0x940/0x940
[ 57.654882][ T263] ? __lock_acquire+0x2224/0x48b0
[ 57.659901][ T263] ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 57.665869][ T263] ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 57.671841][ T263] ? __ext4_mark_inode_dirty+0x940/0x940
[ 57.677450][ T263] ? do_writepages+0xfa/0x2a0
[ 57.682149][ T263] do_writepages+0xfa/0x2a0
[ 57.686645][ T263] ? page_writeback_cpu_online+0x10/0x10
[ 57.692271][ T263] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 57.697808][ T263] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 57.703786][ T263] ? lock_downgrade+0x840/0x840
[ 57.708622][ T263] __writeback_single_inode+0x12a/0x13d0
[ 57.714236][ T263] ? _raw_spin_unlock+0x24/0x40
[ 57.719063][ T263] ? wbc_attach_and_unlock_inode+0x60a/0x9c0
[ 57.725022][ T263] writeback_sb_inodes+0x515/0xdc0
[ 57.730125][ T263] ? __writeback_single_inode+0x13d0/0x13d0
[ 57.736153][ T263] __writeback_inodes_wb+0xc3/0x250
[ 57.741355][ T263] wb_writeback+0x8db/0xd50
[ 57.745858][ T263] ? writeback_inodes_wb.constprop.0+0x1a0/0x1a0
[ 57.752166][ T263] ? _find_next_bit.constprop.0+0x1a3/0x200
[ 57.758040][ T263] ? cpumask_next+0x3c/0x40
[ 57.762546][ T263] ? get_nr_dirty_inodes+0xd6/0x130
[ 57.767731][ T263] wb_workfn+0xab3/0x1090
[ 57.772062][ T263] ? inode_wait_for_writeback+0x30/0x30
[ 57.777592][ T263] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 57.783118][ T263] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 57.789101][ T263] process_one_work+0x965/0x1690
[ 57.794158][ T263] ? lock_release+0x800/0x800
[ 57.798964][ T263] ? pwq_dec_nr_in_flight+0x310/0x310
[ 57.804326][ T263] ? rwlock_bug.part.0+0x90/0x90
[ 57.809272][ T263] worker_thread+0x96/0xe10
[ 57.813766][ T263] ? process_one_work+0x1690/0x1690
[ 57.819900][ T263] kthread+0x3b5/0x4a0
[ 57.824026][ T263] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 57.829835][ T263] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 57.835555][ T263] ret_from_fork+0x1f/0x30
Warning: Permanently added '10.128.0.126' (ECDSA) to the list of known hosts.
2020/06/15 19:25:41 fuzzer started
2020/06/15 19:25:41 connecting to host at 10.128.0.26:43911
2020/06/15 19:25:41 checking machine...
2020/06/15 19:25:41 checking revisions...
2020/06/15 19:25:41 testing simple program...
[ 58.923913][ T6803] BUG: using smp_processor_id() in preemptible [00000000] code: syz-fuzzer/6803
[ 58.933035][ T6803] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 58.938936][ T6803] CPU: 0 PID: 6803 Comm: syz-fuzzer Not tainted 5.7.0-syzkaller #0
[ 58.946809][ T6803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 58.957742][ T6803] Call Trace:
[ 58.961028][ T6803] dump_stack+0x18f/0x20d
[ 58.965346][ T6803] check_preemption_disabled+0x20d/0x220
[ 58.970977][ T6803] ext4_mb_new_blocks+0xa4d/0x3b70
[ 58.976079][ T6803] ? ext4_ext_search_right+0x2ca/0xb20
[ 58.981531][ T6803] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 58.988537][ T6803] ext4_ext_map_blocks+0x201b/0x33e0
[ 58.993816][ T6803] ? ext4_ext_release+0x10/0x10
[ 58.998660][ T6803] ? down_write_killable+0x170/0x170
[ 59.003922][ T6803] ? ext4_es_lookup_extent+0x41d/0xd10
[ 59.009362][ T6803] ext4_map_blocks+0x4cb/0x1640
[ 59.014198][ T6803] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 59.019394][ T6803] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 59.024918][ T6803] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 59.030881][ T6803] ? prandom_u32_state+0xe/0x170
[ 59.035797][ T6803] ? __brelse+0x84/0xa0
[ 59.039930][ T6803] ? __ext4_new_inode+0x144/0x55e0
[ 59.045019][ T6803] ext4_getblk+0xad/0x520
[ 59.049348][ T6803] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 59.055062][ T6803] ? ext4_free_inode+0x1700/0x1700
[ 59.061115][ T6803] ext4_bread+0x7c/0x380
[ 59.065861][ T6803] ? ext4_getblk+0x520/0x520
[ 59.070628][ T6803] ? dquot_get_next_dqblk+0x180/0x180
[ 59.076089][ T6803] ext4_append+0x153/0x360
[ 59.080605][ T6803] ext4_mkdir+0x5e0/0xdf0
[ 59.084979][ T6803] ? ext4_rmdir+0xde0/0xde0
[ 59.089466][ T6803] ? security_inode_permission+0xc4/0xf0
[ 59.095101][ T6803] vfs_mkdir+0x419/0x690
[ 59.099406][ T6803] do_mkdirat+0x21e/0x280
[ 59.103791][ T6803] ? __ia32_sys_mknod+0xb0/0xb0
[ 59.108633][ T6803] ? do_syscall_64+0x1c/0xe0
[ 59.113209][ T6803] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 59.119236][ T6803] do_syscall_64+0x60/0xe0
[ 59.123634][ T6803] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 59.129505][ T6803] RIP: 0033:0x4b02a0
[ 59.133371][ T6803] Code: Bad RIP value.
[ 59.137414][ T6803] RSP: 002b:000000c00004f4b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000102
[ 59.145804][ T6803] RAX: ffffffffffffffda RBX: 000000c00002c000 RCX: 00000000004b02a0
[ 59.153754][ T6803] RDX: 00000000000001c0 RSI: 000000c00009eb80 RDI: ffffffffffffff9c
[ 59.161730][ T6803] RBP: 000000c00004f510 R08: 0000000000000000 R09: 0000000000000000
[ 59.169679][ T6803] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff
[ 59.177629][ T6803] R13: 000000000000005d R14: 000000000000005c R15: 0000000000000100
[ 59.196297][ T6816] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6816
[ 59.205806][ T6816] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 59.211684][ T6816] CPU: 0 PID: 6816 Comm: syz-executor.0 Not tainted 5.7.0-syzkaller #0
[ 59.219894][ T6816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.230194][ T6816] Call Trace:
[ 59.233467][ T6816] dump_stack+0x18f/0x20d
[ 59.237797][ T6816] check_preemption_disabled+0x20d/0x220
[ 59.243419][ T6816] ext4_mb_new_blocks+0xa4d/0x3b70
[ 59.248539][ T6816] ? ext4_ext_search_right+0x2ca/0xb20
[ 59.253995][ T6816] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 59.259696][ T6816] ext4_ext_map_blocks+0x201b/0x33e0
[ 59.264974][ T6816] ? ext4_ext_release+0x10/0x10
[ 59.269813][ T6816] ? down_write_killable+0x170/0x170
[ 59.275074][ T6816] ? ext4_es_lookup_extent+0x41d/0xd10
[ 59.280585][ T6816] ext4_map_blocks+0x4cb/0x1640
[ 59.285451][ T6816] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 59.290643][ T6816] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 59.296168][ T6816] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 59.302124][ T6816] ? prandom_u32_state+0xe/0x170
[ 59.307136][ T6816] ? __brelse+0x84/0xa0
[ 59.311269][ T6816] ? __ext4_new_inode+0x144/0x55e0
[ 59.316372][ T6816] ext4_getblk+0xad/0x520
[ 59.320680][ T6816] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 59.326382][ T6816] ? ext4_free_inode+0x1700/0x1700
[ 59.331471][ T6816] ext4_bread+0x7c/0x380
[ 59.335690][ T6816] ? ext4_getblk+0x520/0x520
[ 59.340277][ T6816] ? dquot_get_next_dqblk+0x180/0x180
[ 59.345667][ T6816] ext4_append+0x153/0x360
[ 59.350069][ T6816] ext4_mkdir+0x5e0/0xdf0
[ 59.354384][ T6816] ? ext4_rmdir+0xde0/0xde0
[ 59.358876][ T6816] ? security_inode_permission+0xc4/0xf0
[ 59.364499][ T6816] vfs_mkdir+0x419/0x690
[ 59.368719][ T6816] do_mkdirat+0x21e/0x280
[ 59.373026][ T6816] ? __ia32_sys_mknod+0xb0/0xb0
[ 59.377863][ T6816] ? do_syscall_64+0x1c/0xe0
[ 59.382432][ T6816] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 59.388400][ T6816] do_syscall_64+0x60/0xe0
[ 59.392808][ T6816] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 59.398674][ T6816] RIP: 0033:0x45bed7
[ 59.402539][ T6816] Code: Bad RIP value.
[ 59.406589][ T6816] RSP: 002b:00007ffdd0bc7f08 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 59.415068][ T6816] RAX: ffffffffffffffda RBX: 000000000003a2f8 RCX: 000000000045bed7
[ 59.423120][ T6816] RDX: 0000000000000003 RSI: 00000000000001c0 RDI: 00007ffdd0bc80e0
[ 59.431416][ T6816] RBP: 0000000000000001 R08: 000000000000f8c0 R09: 0000000000002ec0
[ 59.439364][ T6816] R10: 0000000000000011 R11: 0000000000000246 R12: 00000000000000c2
[ 59.447323][ T6816] R13: 00007ffdd0bc80e0 R14: 8421084210842109 R15: 00007ffdd0bc80ec
[ 59.575681][ T6818] IPVS: ftp: loaded support on port[0] = 21
[ 59.612393][ T6818] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6818
[ 59.621864][ T6818] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 59.627740][ T6818] CPU: 1 PID: 6818 Comm: syz-executor.0 Not tainted 5.7.0-syzkaller #0
[ 59.635950][ T6818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.646003][ T6818] Call Trace:
[ 59.649310][ T6818] dump_stack+0x18f/0x20d
[ 59.653631][ T6818] check_preemption_disabled+0x20d/0x220
[ 59.659240][ T6818] ext4_mb_new_blocks+0xa4d/0x3b70
[ 59.664337][ T6818] ? ext4_ext_search_right+0x2ca/0xb20
[ 59.669780][ T6818] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 59.675488][ T6818] ext4_ext_map_blocks+0x201b/0x33e0
[ 59.680760][ T6818] ? ext4_ext_release+0x10/0x10
[ 59.685598][ T6818] ? down_write_killable+0x170/0x170
[ 59.690857][ T6818] ? ext4_es_lookup_extent+0x41d/0xd10
[ 59.696302][ T6818] ext4_map_blocks+0x4cb/0x1640
[ 59.701141][ T6818] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 59.706329][ T6818] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 59.711852][ T6818] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 59.717804][ T6818] ? prandom_u32_state+0xe/0x170
[ 59.722761][ T6818] ? __brelse+0x84/0xa0
[ 59.726907][ T6818] ? __ext4_new_inode+0x144/0x55e0
[ 59.732001][ T6818] ext4_getblk+0xad/0x520
[ 59.736311][ T6818] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 59.742025][ T6818] ? ext4_free_inode+0x1700/0x1700
[ 59.747114][ T6818] ext4_bread+0x7c/0x380
[ 59.751356][ T6818] ? ext4_getblk+0x520/0x520
[ 59.755937][ T6818] ? dquot_get_next_dqblk+0x180/0x180
[ 59.761290][ T6818] ext4_append+0x153/0x360
[ 59.765684][ T6818] ext4_mkdir+0x5e0/0xdf0
[ 59.770003][ T6818] ? ext4_rmdir+0xde0/0xde0
[ 59.774493][ T6818] ? security_inode_permission+0xc4/0xf0
[ 59.781332][ T6818] vfs_mkdir+0x419/0x690
[ 59.785583][ T6818] do_mkdirat+0x21e/0x280
[ 59.789931][ T6818] ? __ia32_sys_mknod+0xb0/0xb0
[ 59.794772][ T6818] ? do_syscall_64+0x1c/0xe0
[ 59.799365][ T6818] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 59.805329][ T6818] do_syscall_64+0x60/0xe0
[ 59.809740][ T6818] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 59.815618][ T6818] RIP: 0033:0x45bed7
[ 59.819482][ T6818] Code: Bad RIP value.
[ 59.823524][ T6818] RSP: 002b:00007ffdd0bc7df8 EFLAGS: 00000202 ORIG_RAX: 0000000000000053
[ 59.831909][ T6818] RAX: ffffffffffffffda RBX: 000000000078c988 RCX: 000000000045bed7
[ 59.839854][ T6818] RDX: 00007ffdd0bc7e43 RSI: 00000000000001ff RDI: 00007ffdd0bc7e40
[ 59.847800][ T6818] RBP: 00000000000000f8 R08: 0000000000000000 R09: 0000000000000003
[ 59.855749][ T6818] R10: 0000000000000064 R11: 0000000000000202 R12: 00000000004185c0
[ 59.863705][ T6818] R13: 00007ffdd0bc7e30 R14: 0000000000000000 R15: 00007ffdd0bc7e40
[ 59.915789][ T6818] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6818
[ 59.925325][ T6818] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 59.931224][ T6818] CPU: 0 PID: 6818 Comm: syz-executor.0 Not tainted 5.7.0-syzkaller #0
[ 59.939463][ T6818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.949520][ T6818] Call Trace:
[ 59.952816][ T6818] dump_stack+0x18f/0x20d
[ 59.957166][ T6818] check_preemption_disabled+0x20d/0x220
[ 59.962810][ T6818] ext4_mb_new_blocks+0xa4d/0x3b70
[ 59.967944][ T6818] ? ext4_ext_search_right+0x2ca/0xb20
[ 59.973412][ T6818] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 59.979272][ T6818] ext4_ext_map_blocks+0x201b/0x33e0
[ 59.984563][ T6818] ? ext4_ext_release+0x10/0x10
[ 59.989417][ T6818] ? down_write_killable+0x170/0x170
[ 59.994730][ T6818] ? ext4_es_lookup_extent+0x41d/0xd10
[ 60.000215][ T6818] ext4_map_blocks+0x4cb/0x1640
[ 60.005059][ T6818] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 60.011206][ T6818] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 60.016729][ T6818] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 60.022696][ T6818] ? prandom_u32_state+0xe/0x170
[ 60.027645][ T6818] ? __brelse+0x84/0xa0
[ 60.031796][ T6818] ? __ext4_new_inode+0x144/0x55e0
[ 60.036908][ T6818] ext4_getblk+0xad/0x520
[ 60.041228][ T6818] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 60.046954][ T6818] ? ext4_free_inode+0x1700/0x1700
[ 60.052059][ T6818] ext4_bread+0x7c/0x380
[ 60.056284][ T6818] ? ext4_getblk+0x520/0x520
[ 60.060873][ T6818] ? dquot_get_next_dqblk+0x180/0x180
[ 60.066225][ T6818] ext4_append+0x153/0x360
[ 60.070629][ T6818] ext4_mkdir+0x5e0/0xdf0
[ 60.074956][ T6818] ? ext4_rmdir+0xde0/0xde0
[ 60.079439][ T6818] ? security_inode_permission+0xc4/0xf0
[ 60.085059][ T6818] vfs_mkdir+0x419/0x690
[ 60.089277][ T6818] do_mkdirat+0x21e/0x280
[ 60.093616][ T6818] ? __ia32_sys_mknod+0xb0/0xb0
[ 60.098457][ T6818] ? do_syscall_64+0x1c/0xe0
[ 60.103027][ T6818] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 60.108996][ T6818] do_syscall_64+0x60/0xe0
[ 60.113393][ T6818] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 60.119259][ T6818] RIP: 0033:0x45bed7
[ 60.123140][ T6818] Code: Bad RIP value.
[ 60.127180][ T6818] RSP: 002b:00007ffdd0bc7df8 EFLAGS: 00000202 ORIG_RAX: 0000000000000053
[ 60.135565][ T6818] RAX: ffffffffffffffda RBX: 000000000000ea02 RCX: 000000000045bed7
[ 60.143528][ T6818] RDX: 00007ffdd0bc7e43 RSI: 00000000000001ff RDI: 00007ffdd0bc7e40
[ 60.151487][ T6818] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000003
2020/06/15 19:25:43 building call list...
[ 60.159532][ T6818] R10: 0000000000000064 R11: 0000000000000202 R12: 0000000000000003
[ 60.167579][ T6818] R13: 00007ffdd0bc7e30 R14: 000000000000e9f9 R15: 00007ffdd0bc7e40
[ 60.401707][ T263] tipc: TX() has been purged, node left!
[ 60.943872][ T263] ==================================================================
[ 60.952269][ T263] BUG: KASAN: use-after-free in afs_wake_up_async_call+0x6aa/0x770
[ 60.960155][ T263] Write of size 1 at addr ffff888094d951e4 by task kworker/u4:6/263
[ 60.968127][ T263]
[ 60.970463][ T263] CPU: 0 PID: 263 Comm: kworker/u4:6 Not tainted 5.7.0-syzkaller #0
[ 60.978433][ T263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.988487][ T263] Workqueue: netns cleanup_net
[ 60.993241][ T263] Call Trace:
[ 60.996528][ T263] dump_stack+0x18f/0x20d
[ 61.000853][ T263] ? afs_wake_up_async_call+0x6aa/0x770
[ 61.006398][ T263] ? afs_wake_up_async_call+0x6aa/0x770
[ 61.011935][ T263] ? afs_put_call+0xa40/0xa40
[ 61.016609][ T263] print_address_description.constprop.0.cold+0xd3/0x413
[ 61.023633][ T263] ? vprintk_func+0x97/0x1a6
[ 61.028220][ T263] ? afs_wake_up_async_call+0x6aa/0x770
[ 61.033761][ T263] kasan_report.cold+0x1f/0x37
[ 61.038523][ T263] ? rcu_read_lock_held+0x81/0xb0
[ 61.043540][ T263] ? afs_wake_up_async_call+0x6aa/0x770
[ 61.049083][ T263] afs_wake_up_async_call+0x6aa/0x770
[ 61.054624][ T263] ? afs_close_socket+0x320/0x320
[ 61.059644][ T263] ? afs_put_call+0xa40/0xa40
[ 61.064317][ T263] rxrpc_notify_socket+0x1db/0x5d0
[ 61.069426][ T263] ? afs_put_call+0xa40/0xa40
[ 61.074109][ T263] __rxrpc_set_call_completion.part.0+0x172/0x410
[ 61.080547][ T263] rxrpc_call_completed+0xca/0xf0
[ 61.085587][ T263] rxrpc_discard_prealloc+0x781/0xab0
[ 61.090958][ T263] ? lock_sock_nested+0x94/0x110
[ 61.095895][ T263] rxrpc_listen+0x147/0x360
[ 61.100397][ T263] afs_close_socket+0x95/0x320
[ 61.105158][ T263] ? afs_purge_servers+0x16d/0x300
[ 61.110267][ T263] ? afs_rx_discard_new_call+0x50/0x50
[ 61.115739][ T263] ? init_wait_var_entry+0x200/0x200
[ 61.121027][ T263] ? rcu_read_lock_held_common+0xa0/0xa0
[ 61.126669][ T263] ? check_preemption_disabled+0x38/0x220
[ 61.132413][ T263] afs_net_exit+0x1bc/0x310
[ 61.136915][ T263] ? afs_net_init+0xe30/0xe30
[ 61.141586][ T263] ops_exit_list.isra.0+0xa8/0x150
[ 61.146696][ T263] cleanup_net+0x511/0xa50
[ 61.151108][ T263] ? unregister_pernet_device+0x70/0x70
[ 61.156671][ T263] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 61.162653][ T263] process_one_work+0x965/0x1690
[ 61.167597][ T263] ? lock_release+0x800/0x800
[ 61.172280][ T263] ? pwq_dec_nr_in_flight+0x310/0x310
[ 61.177669][ T263] ? rwlock_bug.part.0+0x90/0x90
[ 61.182712][ T263] worker_thread+0x96/0xe10
[ 61.187216][ T263] ? process_one_work+0x1690/0x1690
[ 61.192409][ T263] kthread+0x3b5/0x4a0
[ 61.196557][ T263] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 61.202264][ T263] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 61.207979][ T263] ret_from_fork+0x1f/0x30
[ 61.212400][ T263]
[ 61.214735][ T263] Allocated by task 6818:
[ 61.219056][ T263] save_stack+0x1b/0x40
[ 61.223198][ T263] __kasan_kmalloc.constprop.0+0xbf/0xd0
[ 61.228938][ T263] kmem_cache_alloc_trace+0x153/0x7d0
[ 61.234318][ T263] afs_alloc_call+0x55/0x630
[ 61.238905][ T263] afs_charge_preallocation+0xe9/0x2d0
[ 61.244360][ T263] afs_open_socket+0x292/0x360
[ 61.249127][ T263] afs_net_init+0xa6c/0xe30
[ 61.253627][ T263] ops_init+0xaf/0x420
[ 61.257688][ T263] setup_net+0x2de/0x860
[ 61.261924][ T263] copy_net_ns+0x293/0x590
[ 61.266337][ T263] create_new_namespaces+0x3fb/0xb30
[ 61.271626][ T263] unshare_nsproxy_namespaces+0xbd/0x1f0
[ 61.277251][ T263] ksys_unshare+0x43d/0x8e0
[ 61.281751][ T263] __x64_sys_unshare+0x2d/0x40
[ 61.286511][ T263] do_syscall_64+0x60/0xe0
[ 61.290927][ T263] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 61.296804][ T263]
[ 61.299128][ T263] Freed by task 263:
[ 61.303024][ T263] save_stack+0x1b/0x40
[ 61.307183][ T263] __kasan_slab_free+0xf7/0x140
[ 61.312029][ T263] kfree+0x109/0x2b0
[ 61.316003][ T263] afs_put_call+0x585/0xa40
[ 61.320511][ T263] rxrpc_discard_prealloc+0x764/0xab0
[ 61.325883][ T263] rxrpc_listen+0x147/0x360
[ 61.330382][ T263] afs_close_socket+0x95/0x320
[ 61.335141][ T263] afs_net_exit+0x1bc/0x310
[ 61.339644][ T263] ops_exit_list.isra.0+0xa8/0x150
[ 61.344753][ T263] cleanup_net+0x511/0xa50
[ 61.349175][ T263] process_one_work+0x965/0x1690
[ 61.354555][ T263] worker_thread+0x96/0xe10
[ 61.360015][ T263] kthread+0x3b5/0x4a0
[ 61.364081][ T263] ret_from_fork+0x1f/0x30
[ 61.368484][ T263]
[ 61.370808][ T263] The buggy address belongs to the object at ffff888094d95000
[ 61.370808][ T263] which belongs to the cache kmalloc-1k of size 1024
[ 61.384854][ T263] The buggy address is located 484 bytes inside of
[ 61.384854][ T263] 1024-byte region [ffff888094d95000, ffff888094d95400)
[ 61.398201][ T263] The buggy address belongs to the page:
[ 61.403837][ T263] page:ffffea0002536540 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0
[ 61.412957][ T263] flags: 0xfffe0000000200(slab)
[ 61.417812][ T263] raw: 00fffe0000000200 ffffea00029a3688 ffffea0002836bc8 ffff8880aa000c40
[ 61.426407][ T263] raw: 0000000000000000 ffff888094d95000 0000000100000002 0000000000000000
[ 61.434999][ T263] page dumped because: kasan: bad access detected
[ 61.441400][ T263]
[ 61.443738][ T263] Memory state around the buggy address:
[ 61.449372][ T263] ffff888094d95080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.457427][ T263] ffff888094d95100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.465491][ T263] >ffff888094d95180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.473544][ T263] ^
[ 61.480729][ T263] ffff888094d95200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.489500][ T263] ffff888094d95280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.501647][ T263] ==================================================================
[ 61.509702][ T263] Disabling lock debugging due to kernel taint
[ 61.515919][ T263] Kernel panic - not syncing: panic_on_warn set ...
[ 61.522563][ T263] CPU: 0 PID: 263 Comm: kworker/u4:6 Tainted: G B 5.7.0-syzkaller #0
[ 61.532609][ T263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 61.542662][ T263] Workqueue: netns cleanup_net
[ 61.547409][ T263] Call Trace:
[ 61.550694][ T263] dump_stack+0x18f/0x20d
[ 61.555017][ T263] ? afs_wake_up_async_call+0x5f0/0x770
[ 61.560555][ T263] ? afs_put_call+0xa40/0xa40
[ 61.565221][ T263] panic+0x2e3/0x75c
[ 61.569106][ T263] ? __warn_printk+0xf3/0xf3
[ 61.573693][ T263] ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 61.579838][ T263] ? trace_hardirqs_on+0x55/0x220
[ 61.584855][ T263] ? afs_wake_up_async_call+0x6aa/0x770
[ 61.590387][ T263] ? afs_wake_up_async_call+0x6aa/0x770
[ 61.595919][ T263] ? afs_put_call+0xa40/0xa40
[ 61.600586][ T263] end_report+0x4d/0x53
[ 61.604736][ T263] kasan_report.cold+0xd/0x37
[ 61.609402][ T263] ? rcu_read_lock_held+0x81/0xb0
[ 61.614447][ T263] ? afs_wake_up_async_call+0x6aa/0x770
[ 61.619983][ T263] afs_wake_up_async_call+0x6aa/0x770
[ 61.625348][ T263] ? afs_close_socket+0x320/0x320
[ 61.630358][ T263] ? afs_put_call+0xa40/0xa40
[ 61.639971][ T263] rxrpc_notify_socket+0x1db/0x5d0
[ 61.645070][ T263] ? afs_put_call+0xa40/0xa40
[ 61.649737][ T263] __rxrpc_set_call_completion.part.0+0x172/0x410
[ 61.656145][ T263] rxrpc_call_completed+0xca/0xf0
[ 61.661160][ T263] rxrpc_discard_prealloc+0x781/0xab0
[ 61.666526][ T263] ? lock_sock_nested+0x94/0x110
[ 61.671455][ T263] rxrpc_listen+0x147/0x360
[ 61.675972][ T263] afs_close_socket+0x95/0x320
[ 61.680821][ T263] ? afs_purge_servers+0x16d/0x300
[ 61.685926][ T263] ? afs_rx_discard_new_call+0x50/0x50
[ 61.691378][ T263] ? init_wait_var_entry+0x200/0x200
executing program
[ 61.696741][ T263] ? rcu_read_lock_held_common+0xa0/0xa0
[ 61.702371][ T263] ? check_preemption_disabled+0x38/0x220
[ 61.708263][ T263] afs_net_exit+0x1bc/0x310
[ 61.712766][ T263] ? afs_net_init+0xe30/0xe30
[ 61.717449][ T263] ops_exit_list.isra.0+0xa8/0x150
[ 61.722644][ T263] cleanup_net+0x511/0xa50
[ 61.727080][ T263] ? unregister_pernet_device+0x70/0x70
[ 61.732629][ T263] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 61.738615][ T263] process_one_work+0x965/0x1690
[ 61.743645][ T263] ? lock_release+0x800/0x800
[ 61.748323][ T263] ? pwq_dec_nr_in_flight+0x310/0x310
[ 61.753704][ T263] ? rwlock_bug.part.0+0x90/0x90
[ 61.758651][ T263] worker_thread+0x96/0xe10
[ 61.763166][ T263] ? process_one_work+0x1690/0x1690
[ 61.768379][ T263] kthread+0x3b5/0x4a0
[ 61.772437][ T263] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 61.778256][ T263] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 61.783967][ T263] ret_from_fork+0x1f/0x30
[ 61.789880][ T263] Kernel Offset: disabled
[ 61.794209][ T263] Rebooting in 86400 seconds..